1. Field of the Invention
The present invention relates to identity management and, more particularly, to a method and apparatus for establishing a federated identity using a personal wireless device.
2. Description of the Related Art
A person's identity is used in numerous contexts to enable the individual to obtain services and obtain goods. For example, the person's identity may be established by a credit card issued by a credit service to allow the person to obtain goods or services from a merchant. Similarly, the person's identity may be established by possession of a key to enable the person to obtain access to their car or house. On a computer network, a person's identity may be established through the use of an user identification code and password.
As technology has developed, the management of identity has become more intricate. For example, a given person may have an account at tens or hundreds of on-line merchants, may have multiple credit cards and bank cards, codes to enable them to sign on to their mobile telephone or personal digital assistant, and codes to enable them to obtain access to one or more computer networks. Management of all this information becomes increasingly complicated as the number of identities and the number of forms of identification increase.
Limited attempts have been made by individual merchants to facilitate transactions by allowing customers to purchase goods/services without providing identification information at the point of sale. For example, several fuel companies have implemented a system in which the customer is issued a payment device, such as a wand, that may be placed in the vicinity of a gas pump owned by a franchise station to cause the gas pump to activate to dispense gas to the customer. The wand may also be used inside an associated convenience store and allows a user to purchase gasoline and other supplies at the franchise station without requiring the user to find cash or a credit card. While the wand may make transactions with that particular service provider more convenient, the wand may not be used at other merchants and is thus only useable to obtain goods and services from the merchants associated with the parent company that issued the payment device.
As a result of the increasing complexity of identity management, a concept of federated identity was developed to simplify management of identity in a computer environment. Specifically, on a computer network, a federated identity enables a user to establish an identity once and use that identity with other service providers that have created a circle of trust. Essentially, the federated identity allows a user's identity to be established with one service provider and used at other service providers. Additionally, the identity may remain anonymous such that the service provider knows the customer is authorized to access the services, but may have no information about the individual that is able to be related to the customer's actual physical identity. Conventionally, the federated identity concept has been used only with computer networked services to allow a user to sign on to one computer system and, using that established identity, obtain access to other network systems even where the other network systems were not related to or owned by the first system.
Identity management in the real world is just as important as in an on-line context, since theft of credit card numbers and other identifying information costs merchants and consumers billions of dollars each year. Additionally, requirements associated with providing identification information while transacting with service providers provide an additional barrier to increasing transactions. This is particularly true in certain industries, such as rental industries, where the service providers routinely require the customer to fill out one or more lengthy forms. Accordingly, it would be advantageous to provide a way for a federated identity to be used in a secure manner in an environment other than on a computer network.